diff options
| author | hebingning <[email protected]> | 2022-06-27 19:28:06 +0800 |
|---|---|---|
| committer | hebingning <[email protected]> | 2022-06-27 19:28:06 +0800 |
| commit | 7c8b027b067323551bb57e26ad4587acf0093000 (patch) | |
| tree | 0c4fce79d7a525bcbddbc39e5614f39094754340 | |
| parent | e824f8cff0a7e479e89666786923d163fb84fa4e (diff) | |
accesstoken逻辑以及case提交
| -rw-r--r-- | case/policies/security/http.robot | 15 | ||||
| -rw-r--r-- | case/system/administration/administering_access_tokens.robot | 66 | ||||
| -rw-r--r-- | keyword/objects/object.robot | 10 | ||||
| -rw-r--r-- | keyword/system/administration/administering_access_tokens.robot | 56 | ||||
| -rw-r--r-- | other/data/proxy/http/proxy-http-deny-url-substring-data.yaml | 44 | ||||
| -rw-r--r-- | other/data/proxy/http/test-add.yaml | 48 | ||||
| -rw-r--r-- | other/data/security/http/security-http-deny-fqdn-url-data.yaml | 52 |
7 files changed, 257 insertions, 34 deletions
diff --git a/case/policies/security/http.robot b/case/policies/security/http.robot index 7d7b9b0..8b58204 100644 --- a/case/policies/security/http.robot +++ b/case/policies/security/http.robot @@ -75,6 +75,10 @@ deny-url-exactly [Tags] SingleFilter Reset Block Redirect Alert Rate Limit ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-url-exactly-data.yaml ${TEST NAME} +deny-fqdn-url + [Tags] SingleFilter Redirect + ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-fqdn-url-data.yaml ${TEST NAME} + deny-reqheader-prefix [Tags] SingleFilter Reset Block Alert Rate Limit ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-reqheader-prefix-data.yaml ${TEST NAME} @@ -91,21 +95,10 @@ deny-resheader-substring [Tags] SingleFilter Reset Block Alert Rate Limit ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-resheader-substring-data.yaml ${TEST NAME} -# deny-url-reqbody-suffix - # [Tags] SingleFilter Reset Rate Limit - # ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-url-reqbody-suffix-data.yaml ${TEST NAME} - -# deny-url-reqbody-prefix - # [Tags] SingleFilter Reset Rate Limit - # ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-url-reqbody-prefix-data.yaml ${TEST NAME} - deny-url-resbody-substring [Tags] SingleFilter Reset Rate Limit ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-url-resbody-substring-data.yaml ${TEST NAME} -# deny-url-reqbody-exactly - # [Tags] SingleFilter Reset Rate Limit - # ${objectIds} ${policyIds} PolilcysByTemplate ${path}/data/security/http/security-http-deny-url-reqbody-exactly-data.yaml ${TEST NAME} deny-fqdn-url-reqheader-resheader-reqbody-resbody [Tags] MultiFilter Reset Rate Limit diff --git a/case/system/administration/administering_access_tokens.robot b/case/system/administration/administering_access_tokens.robot new file mode 100644 index 0000000..4532f88 --- /dev/null +++ b/case/system/administration/administering_access_tokens.robot @@ -0,0 +1,66 @@ +*** Settings *** +Test Setup LoginAndAddLocalIP +Test Teardown Run Keywords +... DeletePolicyAndObjectAndOther +... AND LogoutAndDelLocalIP +Force Tags PacketTroubleShooting +Library OperatingSystem +Resource ../../../keyword/objects/object.robot +Resource ../../../keyword/policys/policy.robot +Resource ../../../keyword/common/login_logout_switch.robot +Resource ../../../keyword/common/clear_data.robot +Resource ../../../keyword/system/administration/administering_access_tokens.robot + +*** Variables *** +${createPolicyIds} ${EMPTY} +${createObjectIds} ${EMPTY} +${objectUrl} /policy/object +*** Test Cases *** +test-permanent + ${currentTime} Get Current Date result_format=%Y-%m-%dT%H:%M:%SZ exclude_millis=True + ${tokenMessage} Create Dictionary tokenName=${TEST_NAME} expireDate=${currentTime} + ${accessToken} AddAccessToken ${tokenMessage} + SearchWithAccessToken ${objectUrl} ?pageSize=20&pageNo=1&isExclusion=0&objectType=fqdn&vsysId=1 ${accessToken} ${version} 200 + ${accessTokenId} SearchAccessTokenId ?tokenName=${TEST_NAME} + ${accessTokenId} Set Variable [${accessTokenId}] + ${RevokeTokenMessage} Create Dictionary id=${accessTokenId} status=0 + ${rescode} RevokeAccessToken ${RevokeTokenMessage} + SearchWithAccessToken ${objectUrl} ?pageSize=20&pageNo=1&isExclusion=0&objectType=fqdn&vsysId=1 ${accessToken} ${version} 514 + ${rescode} RemoveAccessToken ${accessTokenId} + +test-permanent-datenull + ${tokenMessage} Create Dictionary tokenName=${TEST_NAME} expireDate=${EMPTY} + ${accessToken} AddAccessToken ${tokenMessage} + SearchWithAccessToken ${objectUrl} ?pageSize=20&pageNo=1&isExclusion=0&objectType=fqdn&vsysId=1 ${accessToken} ${version} 200 + ${accessTokenId} SearchAccessTokenId ?tokenName=${TEST_NAME} + ${accessTokenId} Set Variable [${accessTokenId}] + ${rescode} RemoveAccessToken ${accessTokenId} + SearchWithAccessToken ${objectUrl} ?pageSize=20&pageNo=1&isExclusion=0&objectType=fqdn&vsysId=1 ${accessToken} ${version} 514 + +test-permanent-nodate + ${tokenMessage} Create Dictionary tokenName=${TEST_NAME} + ${accessToken} AddAccessToken ${tokenMessage} + SearchWithAccessToken ${objectUrl} ?pageSize=20&pageNo=1&isExclusion=0&objectType=fqdn&vsysId=1 ${accessToken} ${version} 200 + ${accessTokenId} SearchAccessTokenId ?tokenName=${TEST_NAME} + ${accessTokenId} Set Variable [${accessTokenId}] + ${rescode} RemoveAccessToken ${accessTokenId} + +test-temporary + ${currentTime} Get Current Date increment=00:05:00 result_format=%Y-%m-%dT%H:%M:%SZ exclude_millis=True + ${tokenMessage} Create Dictionary tokenName=${TEST_NAME} expireDate=${currentTime} + ${accessToken} AddAccessToken ${tokenMessage} + SearchWithAccessToken ${objectUrl} ?pageSize=20&pageNo=1&isExclusion=0&objectType=fqdn&vsysId=1 ${accessToken} ${version} 200 + sleep 5min + SearchWithAccessToken ${objectUrl} ?pageSize=20&pageNo=1&isExclusion=0&objectType=fqdn&vsysId=1 ${accessToken} ${version} 514 + ${accessTokenId} SearchAccessTokenId ?tokenName=${TEST_NAME} + ${accessTokenId} Set Variable [${accessTokenId}] + ${rescode} RemoveAccessToken ${accessTokenId} + + + + + + + + +
\ No newline at end of file diff --git a/keyword/objects/object.robot b/keyword/objects/object.robot index 0462390..aa71003 100644 --- a/keyword/objects/object.robot +++ b/keyword/objects/object.robot @@ -870,4 +870,12 @@ DeleteObject ${response_code} Get From Dictionary ${response} code
Should Be Equal As Strings ${response_code} 200
${response} Convert to String ${response}
- log ${response}
\ No newline at end of file + log ${response}
+
+SearchObjectWithAccessToken
+ [Arguments] ${requestUri} ${data} ${accessToken} ${apiVersion} ${code}
+ ${response} BaseGetRequestWithToken ${requestUri} ${data} ${accessToken} ${apiVersion} ${code}
+ ${response_code} Get From Dictionary ${response} code
+ Should Be Equal As Strings ${response_code} ${code}
+ [Return] ${response_code}
+
\ No newline at end of file diff --git a/keyword/system/administration/administering_access_tokens.robot b/keyword/system/administration/administering_access_tokens.robot new file mode 100644 index 0000000..f497a95 --- /dev/null +++ b/keyword/system/administration/administering_access_tokens.robot @@ -0,0 +1,56 @@ +*** Settings *** +Library yaml +Library Collections +Library RequestsLibrary +Library DateTime +Library String +Resource ../../../variable/incoming_common_variable.txt +Resource ../../../variable/common_variable.txt +Resource ../../common/common.robot +Resource ../../common/api_request.robot +Library DatabaseLibrary +Library OperatingSystem +Library Selenium2Library +Library ../../../customlib/dict_data.py +Library ../../../customlib/judge_profilelist.py +*** Variables *** +${accessTokenUrl} /sys/accesstoken + +*** Keywords *** +AddAccessToken + [Arguments] ${tokenMessage} + ${body} json.Dumps ${tokenMessage} ensure_ascii=False + log ${body} + ${response} BasePostRequestForV2 ${accessTokenUrl} ${body} ${version} + ${rescode} Set Variable ${response['code']} + Should Be Equal As Strings ${rescode} 200 + ${accessToken} Set Variable ${response['data']['token']} + [Return] ${accessToken} + +RevokeAccessToken + [Arguments] ${RevokeTokenMessage} + ${body} json.Dumps ${tokenMessage} ensure_ascii=False + ${response} BaseEditRequest ${accessTokenUrl} ${body} ${version} + ${rescode} Set Variable ${response['code']} + Should Be Equal As Strings ${rescode} 200 + [Return] ${rescode} + +BaseDeleteRequest + [Arguments] ${accessTokenId} + ${response} BaseEditRequest ${accessTokenUrl} ${accessTokenId} ${version} + ${rescode} Set Variable ${response['code']} + Should Be Equal As Strings ${rescode} 200 + [Return] ${rescode} + +SearchAccessTokenId + [Arguments] ${searchName} + ${response} BaseGetRequestForV2 ${accessTokenUrl} ${searchName} ${version} + ${rescode} Set Variable ${response['code']} + Should Be Equal As Strings ${rescode} 200 + ${accessTokenId} Set Variable ${response['data'][0]['id']} + [Return] ${accessTokenId} + + + + +
\ No newline at end of file diff --git a/other/data/proxy/http/proxy-http-deny-url-substring-data.yaml b/other/data/proxy/http/proxy-http-deny-url-substring-data.yaml index 3428b5f..c5e4bfb 100644 --- a/other/data/proxy/http/proxy-http-deny-url-substring-data.yaml +++ b/other/data/proxy/http/proxy-http-deny-url-substring-data.yaml @@ -3,7 +3,7 @@ - "opAction": "add" "returnData": 1 - "policyName": "proxy-deny-fqdn-suffix-001" + "policyName": "proxy-deny-url-substring-001" "policyType": "pxy_manipulation" "isGre": 0 "logType": "proxy_event" @@ -45,7 +45,7 @@ - "opAction": "add" "returnData": 1 - "policyName": "proxy-deny-fqdn-exactly-002" + "policyName": "proxy-deny-url-substring-002" "policyType": "pxy_manipulation" "isGre": 0 "logType": "proxy_event" @@ -92,19 +92,14 @@ - "opAction": "add" "returnData": 1 - "policyName": "proxy-deny-fqdn-exactly-003" + "policyName": "proxy-deny-url-substring-003-1" "policyType": "pxy_manipulation" "isGre": 0 "logType": "proxy_event" "action": "deny" "method": "block" - "code": 451 - "html_profile": - "responseUrl": "/v1/policy/profile/responsepages" - "pageFiles": "pageFiles" - "filName": "404english.html" - "flag": "resPages" - "feature": "nofeature" + "code": 403 + "message": aluoha "userTags": "" "doBlacklist": 0 "doLog": 2 @@ -119,12 +114,12 @@ "testMachine": - "hopeSuccessNumber": 1 - "command": "wget --debug -q -O- http://www.yumi.com/" - "commandRes": "Error 451" + "command": "wget --debug -q -O- https://www.ctrip.com/" + "commandRes": "Error 403" "logQueryParam": - "queryFiledKey": "http_host" - "queryValue": "www.yumi.com" + "queryValue": "ctrip.com" "isValid": 1 "scheduleId": "condation": @@ -135,19 +130,24 @@ "objectList": - "addItemList": - "keywordArray": - - "www.yumi" + - "www.ctrip.com" - "opAction": "update" - "isEdit": 1 "returnData": 1 - "policyName": "proxy-deny-fqdn-suffix-003-1" + "policyName": "proxy-deny-url-substring-003" "policyType": "pxy_manipulation" "isGre": 0 + "isEdit": 1 "logType": "proxy_event" "action": "deny" "method": "block" - "code": 403 - "message": aluoha + "code": 451 + "html_profile": + "responseUrl": "/v1/policy/profile/responsepages" + "pageFiles": "pageFiles" + "filName": "404english.html" + "flag": "resPages" + "feature": "nofeature" "userTags": "" "doBlacklist": 0 "doLog": 2 @@ -162,12 +162,12 @@ "testMachine": - "hopeSuccessNumber": 1 - "command": "wget --debug -q -O- https://www.ctrip.com/" - "commandRes": "Error 403" + "command": "wget --debug -q -O- http://www.yumi.com/" + "commandRes": "Error 451" "logQueryParam": - "queryFiledKey": "http_host" - "queryValue": "www.umusicpub.com" + "queryValue": "www.yumi.com" "isValid": 1 "scheduleId": "condation": @@ -178,4 +178,4 @@ "objectList": - "addItemList": - "keywordArray": - - "www.ctrip.com"
\ No newline at end of file + - "www.yumi"
\ No newline at end of file diff --git a/other/data/proxy/http/test-add.yaml b/other/data/proxy/http/test-add.yaml new file mode 100644 index 0000000..0825bf6 --- /dev/null +++ b/other/data/proxy/http/test-add.yaml @@ -0,0 +1,48 @@ +#注意keywordArray下的关键字必须为数组形式 +"test-add_data": + - + "opAction": "add" + "returnData": 1 + "policyName": "proxy-deny-fqdn-exactly-002" + "policyType": "pxy_manipulation" + "isGre": 0 + "logType": "proxy_event" + "action": "deny" + "method": "block" + "code": 451 + "html_profile": + "responseUrl": "/v1/policy/profile/responsepages" + "pageFiles": "pageFiles" + "filName": "404china.html" + "flag": "resPages" + "userTags": "" + "doBlacklist": 0 + "doLog": 2 + "policyDesc": "autotest" + "effectiveRange": + "userRegion": + "protocol": "http" + "appIdObjects": + - "http" + "appSelectorObjects": + "isTestMachine": 1 + "testMachine": + - + "hopeSuccessNumber": 1 + "command": "wget --debug -q -O- https://newsela.com/" + "commandRes": "Error 403" + "logQueryParam": + - + "queryFiledKey": "http_host" + "queryValue": "newsela.com" + "isValid": 1 + "scheduleId": + "condation": + - + "protocolField": "TSG_FIELD_HTTP_HOST" + "objectType": "fqdn" + "objectSubType": "" + "objectList": + - "addItemList": + - "keywordArray": + - "$newsela.com"
\ No newline at end of file diff --git a/other/data/security/http/security-http-deny-fqdn-url-data.yaml b/other/data/security/http/security-http-deny-fqdn-url-data.yaml new file mode 100644 index 0000000..9953e94 --- /dev/null +++ b/other/data/security/http/security-http-deny-fqdn-url-data.yaml @@ -0,0 +1,52 @@ +#注意keywordArray下的关键字必须为数组形式 +"deny-fqdn-url_data": + - + "opAction": "add" + "returnData": 1 + "policyName": "security-http-deny-fqdn-url-001" + "policyType": "tsg_security" + "logType": "security_event" + "action": "deny" + "method": "redirect" + "code": 303 + "to": "https://www.whatsapp.com/{{tsg_policy_id}}{{tsg_subscriber_id}}{{tsg_client_ip}}" + "isGre": 0 + "userTags": "" + "doBlacklist": 0 + "doLog": 1 + "policyDesc": "autotest" + "effectiveRange": + "userRegion": + "protocol": "http" + "appIdObjects": + - "http" + "appSelectorObjects": + "isTestMachine": 1 + "testMachine": + - + "hopeSuccessNumber": 1 + "command": "wget --debug -q -O- http://radioamateur.eu/TECH.html" + "commandRes": "303" + "logQueryParam": + - + "queryFiledKey": "http_host" + "queryValue": "radioamateur.eu" + "isValid": 1 + "scheduleId": + "condation": + - + "protocolField": "TSG_FIELD_HTTP_URL" + "objectType": "url" + "objectSubType": "" + "objectList": + - "addItemList": + - "keywordArray": + - "*radioamateur.eu/TECH.html" + - + "protocolField": "TSG_FIELD_HTTP_HOST" + "objectType": "fqdn" + "objectSubType": "" + "objectList": + - "addItemList": + - "keywordArray": + - "*radioamateur.eu"
\ No newline at end of file |